CVE-2023-6368
CVSS V2 None
CVSS V3 None
Description
In WhatsUp Gold versions released before 2023.1, an API endpoint was found to be missing an authentication mechanism. It is possible for an unauthenticated attacker to enumerate information related to a registered device being monitored by WhatsUp Gold.
Overview
- CVE ID
- CVE-2023-6368
- Assigner
- ProgressSoftware
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-12-14T16:06:29.101Z
- Last Modified Date
- 2023-12-14T16:06:29.101Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://www.progress.com/network-monitoring | product |
https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-December-2023 | vendor-advisory |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-6368 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6368 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-25 06:24:25 | Added to TrackCVE |